Receive the latest national-international updates in your inbox

A third wave of a cyber attack was underway on Friday afternoon, Dyn officials told CNBC's Eamon Javers, who then broke the news on NBC Connecticut News at 4. (Published Friday, Oct. 21, 2016)

A third wave of denial-of-service attacks on a key piece of internet plumbing was resolved by late Friday, said the company that was targeted.

Internet infrastructure company Dyn Inc. told CNBC earlier in the day that the third wave was underway, causing more disruptions after dozens of the world's most popular websites were taken largely offline Friday morning.

The White House said it was aware of the situation and that the Department of Homeland Security was looking into it; a senior law enforcement official told NBC News that the FBI has been investigating as well. U.S. intelligence officials told NBC News Friday afternoon that they did not know who was responsible for the attacks, though one source said involvement by North Korea had been ruled out.

Dyn, which runs domain name servers, said on its website that it was subject to a distributed denial of service, or DDoS, attack. Domain name servers translate website names to the numeric Internet Protocol addresses behind them. Dyn, headquartered in Manchester, New Hampshire, is one of the larger companies in that business.

Major internet services including Spotify, Twitter, Paypal, Reddit, the PlayStation Network, Netflix, SoundCloud and a number of media websites were difficult or impossible to reach early Friday.

A live outage map for the payments website PayPal shows widespread disruptions as of 12:45 p.m. ET on Friday, Oct. 21, 2016, following an attack on Internet infrastructure company Dyn.
Photo credit: DownDetector.com

DownDetector.com, a popular website for checking internet outages, showed a sharp and simultaneous spike in users reporting sites being inaccessible just after 7 a.m. ET and again around noon.

Service providers including Comcast, Cox, Time Warner Cable and AT&T were also affected.

Dyn told CNBC that it was being hit by "tens of millions of IP addresses" Friday afternoon, around 4:15 p.m. ET. They said one of the sources of the attack is devices like DVRs, printers, and other appliances that are connected to the internet, collectively known as the "Internet of Things."

Dyn said normal service was restored just over two hours later. But on its website it reported a new attack as of 11:52 a.m. ET that was still underway a half hour later.

"(We) have begun monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Our Engineers are continuing to work on mitigating this issue," the company said on its status update page.

Later Friday, Dyn released a statement saying the third attack "has been resolved."

On social media, people reported renewed difficulty accessing Spotify in Europe, as well as problems with photos and video on Twitter. DownDetector showed fresh spikes in outage reports for sites including PayPal, Netflix and Pinterest.

The attacks immediately renewed fears about the security of the Internet's core infrastructure, particularly with the presidential election - already the subject of hacking concerns - less than three weeks away.